Inside TDV - The Data Vault Blog

Five Questions to Ask About Your DR Plan

We probably harp on this too much, but we wanted to share this fine article from Business2Community.com and offer our comments and praise. The subject: Five Questions You Need to Answer About Your Disaster Recovery Plan.

B2C‘s five big questions are common-sense-meets-thought-provoking, and every organization should stop and strongly consider them. Here they are:

1. What is the economic risk if core applications go down for a day, a week, or even longer?

B2C rightly points out that not all your applications are not the same, and the same goes for your backed-up data. Some applications drive revenue that provides the backbone of your business, while others are used to make sure your employees aren’t playing Candy Crush during work hours. And while some data is sensitive and crucial, some is five years old and may not even be needed. Your should know the difference, and it should be reflected in your DR plan.

2. How are applications currently protected and are they all protected the same way?

It’s a similar question. Similarly to question one, have you addressed ways to more stringently product information and processes related to your most important applications? It doesn’t need to be a one-size-fits-all solution. Protect your most critical information with almost-instantaneous DR backup, and the stuff you might be able to live without — like sales goals and figures from 2004 — can be given lower priority.

3. What will happen to key data in the event of a disaster?

This may be the biggest one. Will you be able to access what you need to do a full recovery? Or will your IT staff be running around with its hair on fire? As B2C writes, “Your solution should not only adequately secure your key data, but also provide for accessibility of resources like decryption keys and pass phrases that allow access to encrypted backups. This will allow your team to access the important data even if the primary application is compromised and should remain a separate part of the DR plan from protecting the primary applications itself.”

4. Against which types of disasters are we guarding?

Sure, a hurricane could shut you down. Or if the power grid in your area goes kaput. But if your co-location is across town and the whole damn city shuts down, then what? Ask yourself if a third and/or regional co-location might be in order for your most critical data and applications. Says B2C: “From smallest-size impact to largest, they are Application Disasters, Infrastructure Disasters, Datacenter Disasters, Metro Disasters and Regional Disasters. Consider and understand the types of disasters you are guarding against and weight that against the physical distance of where your DR solution is located.”

5. What were the results of our latest full recovery test?

You did test your DR plan, right? Right??? B2C recommends twice annual testing. Get organization buy-in. Define the roles of all stakeholders, and make sure they are aware of those roles. Practice and keep tweaking it to ensure its efficacy. Otherwise, it’s just a waste of time and money.

The point is, your business continuity is too valuable to throw away to a mindset of, “It will never happen to me.”